Security Awareness Training Reporting
Track Progress, Gauge Results, Plan Accordingly
Our detailed reporting capabilities deliver the robust fourth component in our Assess, Educate, Reinforce, Measure methodology. These capabilities allow you to track your employees’ interactions with our CyberStrength®, ThreatSim®, SmishGuru®, and USBGuru® assessments, and our interactive training modules.
Plan your security awareness training with confidence. Our exportable reports help you focus on the areas, topics, and best practices that will benefit you the most, enabling you to reduce security risks and improve decision-making across all levels of your organization.
Comprehensive Reporting for In-Depth Analysis
Following is a list of the reports that are currently available for our assessment and training products (though we frequently add new reporting mechanisms). All reports can be exported, which allows you to easily share the results with interested parties, perform more detailed analysis, and evaluate results alongside other security events.
CyberStrength Knowledge Assessments
Our new, fuller-featured dynamic reporting functionality gives administrators more flexibility and additional insights into users’ interactions with CyberStrength assessments. You can easily filter data, compare assignments, quickly add and remove measurement factors, and more. Administrators can also download the data in CSV and Excel formats for data integration.
The following dynamic report is currently available in our platform:
Assessment Report – This report shows the overall status of your CyberStrength assignments, aggregating user data to identify the strengths and weaknesses in your users’ cyber security knowledge. Charts illustrate the top-scoring content areas as well as the highest scoring groups across all participants. Administrators can use dynamic and flexible filtering to to narrow in on the data that can help them identify knowledge gaps in your organization’s cyber security posture.
Following a more standard approach, our classic reports utilize bar charts and more elementary reporting techniques.
- Assessment Report – Shows the overall score of the assessment across the users who have completed it; the status of the assignment completion; scores by category; and scores by group. This gives you an at-a-glance view of strengths and weaknesses.
- Risk Report – Each section of this report gives you the ability to drill down into detailed information about a range of assessment results, including scores by group, lowest overall score by group, most missed questions, and lowest scores by person. You can use this analysis to tailor your follow-up training efforts and focus on the most important topics in different areas of your organization.
ThreatSim Simulated Phishing Attacks
- Recent Campaigns – This at-a-glance report provides a quick view into your organization’s short-term phishing performance via a graphical display of your campaigns and associated user activity. Information displayed in the report includes the following:
- Click rate
- Multiple clicks
- Opened messages
- No response
- Users who reported the mock phish
- Browser vulnerabilities
- Compromised users (i.e., those who provided their credentials to a fake site)
- Weak Network Egress data, which shows the users who clicked from non-enterprise networks or networks with permissive egress rules
- Users who acknowledged viewing the Teachable Moment
- All Campaigns – This reporting area gives administrators access to statistical details about each campaign and a variety of reports, including the following:
- Campaign History – Provides statistical details about each campaign, including visibility into past, current, and pending campaigns.
- Campaign Overview – In addition to campaign details, this report also displays relevant incident response data such as time-to-click, time-to-open, and time-to-report.
- Endpoints– Indicates the types of devices (desktop vs. mobile), operating systems, browsers, and browser versions that were used by employees who fell for a mock phishing email. Also reports on out-of-date and potentially vulnerable third-party plug-ins (via the optional Weak Network Egress feature).
- Geographic Distribution – Displays worldwide mapping of user activity per campaign, which helps you identify anomalies in your data regions with high levels of susceptibility.
- Users – Shows detailed and complete user activity, including clicks, opens, and reported phish. Also identifies out-of-date third-party browser plug-ins and detection of off-end points (via the optional Weak Network Egress feature).
- PhishAlarm® Reported Emails – This report shows the information reported via the PhishAlarm button, including the email type (Wombat Simulated Phish, Wombat Training Email, or Potential Phish), actions by end users, and time required to report potential phish. The information is displayed by first name, last name, email address, the time the email was sent, and the time the email was reported. With this information, now you can determine which users reported which types of emails, and whether an end user successfully spotted a simulated or potential phishing email.
SmishGuru Simulated Smishing Attacks
- Campaign Report – This at-a-glance report shows who fell for the simulated attack, how many people viewed and clicked the mock smishing message, and additional data points.
USBGuru Simulated USB Attacks
- Campaign Report – Shows the number of USB devices that were accessed and the IP addresses of the users who fell for the simulated attack.
- Responses per Device – Displays the number of unique responses per USB device planted in your location. You can use this data to determine which areas of your organization and which employees were more likely to pick up and use an untested/unauthorized USB drive.
TRAINING MODULE REPORTS
Our new, fuller-featured dynamic reporting functionality gives administrators more flexibility and additional insights into users’ interactions with our interactive training modules. You can easily filter data, compare assignments, quickly add and remove measurement factors, and more. Custom user properties uploaded by administrators are selectable within applicable reports (see descriptions below). Administrators can also download the data in CSV and Excel formats for data integration.
The following dynamic reports are currently available in our platform:
- Assignment Comparison – Shows both a simple top-ten bar chart of assignments and a data table of assignments illustrating completion rates and other statistics. Administrators can filter the report to view multiple assignments by date, completion status, and/or users participating in the assignment.
- Assignment User Details – A companion to the Assignment Comparison report, this report provides comprehensive user-level information for training assignments. Administrators can drill down to the user level and module level and view a number of data points, including a user’s module score percentage, time to complete the module, and total questions answered. Custom user properties are selectable within this report. There is also a chart view that shows the overall user progress against any assignments showing in the data set.
- Module Completion Summary – Tracks all end-user interactions with the training modules. Administrators can filter by module, date range, assignments, custom user properties, and a myriad of other criteria to find data on user participation in any Wombat module. (The dynamic report replaces the classic version of the Module Completion Summary.)
- Module Performance – Shows the average score for each module, as well as the module score for each user. A chart view highlights the top 25 user scores. The report can be filtered by training module, date, assignment, and/or custom user property to allow you to find exactly the data you need to make an action plan for your users.
- Most Missed – Alerts you to the topic areas users are having the most trouble with in our training modules. By highlighting weaknesses, you can more effectively focus your training efforts. The report can be filtered by module, date, and/or assignment to allow you to find exactly the data you need to make an action plan for your users.
- Policy Acknowledgement – Offers a detailed view of learners who have responded to a policy acknowledgement statement that was added to a training module through our Training Jacket feature. Administrators can filter by module, date range, assignment name, policy acknowledgement response, and custom user property. Two chart views show the status of policy acknowledgment responses.
- Training Leaderboard – Allows you to create and share refined, dashboard-like views of users’ training module performance. Administrators can quickly identify the top performers, completion progress, and best-performing departments. The report also includes an exportable table that ranks all users with a formula that uses completion time and module scores across any combination of training modules.
Following a more standard approach, our classic reports utilize bar charts and more elementary reporting techniques. The following classic reports are available in our platform:
- Assignment Details – Shows the details of how each user is progressing within an assignment and includes each user who was assigned training. A pie chart displays the status of each user in an assignment, and a bar chart shows the completion rate of each module within the assignment.
- Assignment Status – Gives a snapshot of 5 to 25 assignments, side-by-side, for selected dates. A bar chart and table display the perfect of users who have completed, are in progress on, or have not started and assignment.
- User Report Cards – Allows you to see all the activity of a single user, including scores for specific modules and a cumulative performance rating. This helps you identify users who need extra training as well as track improvement.